SAML Authentication for Nasuni and SMB Multi-User Providers
Last updated on July 20, 2021
File Fabric version 1906.07 introduced two new connectors, Nasuni and SMB Multi-User, that allow org. members to access shared SMB storage through the File Fabric using their own SMB accounts.
This approach was only available to org. members who authenticated as File Fabric users through the LDAP system that contained the access controls for the SMB storage accessed through the connectors.
Starting in File Fabric v2106 users can also access SMB storage after authenticating with SAML.
To allow users who authenticate with SAML to use an SMB provider, the org. admin should first add the provider and then adjust its configuration. Two options on the provider settings page control SAML access:
Allow SAML login - Turn this option On to allow access by users who authenticate with SAML.
Force username - This option is only visible if “Allow SAML login” is set to On. It determines whether the user’s SAML username will be used to access the SMB storage or if the user can provide a different username. If the option is On then the SAML username will be used; if it is Off then the user can provide a different username.
When a user who authenticates through SAML has been granted access to one or more SMB Multi-User or Nasuni providers that allow SAML logins, the first time she logs in a page will be displayed on which she can set her LDAP credentials for each provider.
As the screen shot shows, when providers share an authentication system they are grouped into Storage Groups and it is only necessary to enter the credentials for once for the group.